I'm relatively new to Delphi, so if the title doesn't match the contents of the question, my apologies. I'm looking to automate a process on a site that submits a form. I believe I've isolated the code from the site which handles this (values edited for account security) which is:
<form action="action.php" method="post">
<p class="center">
<input type="hidden" name="StringOne" value="StringOneB" />
<input type="hidden" name="StringTwo" value="StringTwoB" />
<input type="hidden" name="StringThree" value="StringThreeB" />
<input type="image" src="img/imageone.jpg" />
</p>
</form>
It is the only form on the page. The form is usually submitted via clicking imageone.jpg. The values of the three inputs are generated dynamically. How would I automate submission of this form? I planned to use the internet explorer OleObject. My code currently looks like
procedure TForm1.Button1Click(Sender: TObject);
var
IE: variant;
begin
IE:= CreateOleObject('internetExplorer.Application');
IE.visible := true;
IE.navigate('http://thesite.com');
I have attempted to use the following (each line is a separate attempt):
IE.Document.GetElementByID('StringOne').setAttribute('value', 'StringOneA', 0);
//above won't work because input has no ID
IE.Document.GetElementByName('StringOne').setAttribute('value', 'StringOneA', 0);
//does not appear to be understood
IE.OleObject.Document.forms[0].submit();
IE.OleObject.Document.forms[1].submit();
//does not appear to recognise the form
I've tried countless other lines of code, but none have been fruitful. Can this be done and if so, how? If any code could be explained, it would be helpful, as I am not well versed in OleObject automation. I can ham-handedly get the values from the HTML source, the main focus of the question is simply submitting the form assuming I have the values. Anything else is a bonus. If anything needs to be clarified, just say.
Related
I am trying to input submit value and want to pass the value to another page through GET but for that I have to use two Clicks button.
I want the same in a single click. Help required.
Code:-
<form method="post">
<input name="inwardid" type="text" id="inwardid" />
<?php $inwardid = $_POST['inwardid']; ?>
<input type="submit" value="Next" />
</form>
<a href="addbook.php?up=<?php echo $inwardid; ?>"><button>Proceed</button>
You want to send the value the user typed in to the other page. So use this for your <form>:
<form method="POST" action="addbook.php">
<input name="up" type="text" id="up">
<input type="submit" value="Proceed">
</form>
To access the value in addbook.php, use $_POST['up'].
This will send the value the user typed in the input label (type="text") to the addbook.php page, using a $_POST. No need for a $_GET, $_POST will do just fine.
As you deliberately asked for method GET, my solution shows you GET!
You must know there is no security issue when using GET. It depends what you want to do. GET is useful if you want to use a dynamic code in multiple ways depending on some some variables that you do not want to hard-code in your script, or simply do not want to send files or other huge data.
Lets admit a newspaper has a site called breaking_news.php and you want to access the breaking news of November 8, 2016you could use this as :
breaking_news.php?y=2018&m=11&d=08
The fact that one can see your GET vars means nothing. Even by using POST one can see your variables by looking at your code. And one way or the other you must protect against code injection and brute force.
But if your not in the mood to show this vars to your visitor you can use URL rewriting to rewrite the url above in the browser as
RewriteRule ^breaking/(.*)/(.*)/(.*)/news\.html$ breaking_news.php?y=$1&m=$2&d=$3 [NC,L]
so you send your visitor to see the (rewritten)URL
breaking/2018/11/08/news.html
but what the web-server is showing him is:
breaking_news.php?y=2018&m=11&d=08
A reason to use this if for example when you want your dynamic site to be taken into consideration by some searching engine as a static site, and get indexed. But this is again another battle field.
Second, you want to send the variable to "addbook.php", and not to itself.
Your question sounded like you want to send to "another page" not to the same page.
Third, I can see in your code snippet you want to submit the variable "up" and not "inwardid", as you did in your code.
And also I can see you want the "submit" button to be called "Proceed".
Your code would look like this:
<form method="GET" enctype="application/x-www-form-urlencoded" action="addbook.php" target="_blank">
<input name="up" type="text" id="inwardid" />
<input type="submit" value="Proceed" />
</form>
As I said you must protect against injection, and this means for example, that in the "addbook.php",to whom you are sending the variables you must write some code that protects you against this issues. As your question is not in this direction I will not enter this subject.
To avoid problems with special chars you must "url-encode" your variable specially when sending them per POST method. In this case you must use this enctype if your handling text. Because this enc-type is transforming special chars into the corresponding ASCII HEX-Values.
Using GET your safe, because GET cant send in another enc-type. So your variable will automatically be url-encoded and you receive a string that is compliant to RFC 3986 similar by using:
rawurlencode($str)
Lets admit someone smart guy fills in a your input box the following code, in the desire to break your site. (This here is not exactly a dangerous code but it looks like those who are.)
<?php echo "\"?> sample code in c# and c++"; ?>
using enctype="application/x-www-form-urlencoded" this will become something like this:
%3C%3Fphp%20echo%20%22%5C%22%3F%3E%20sample%20code%20in%20c%23%20and%20c%2B%2B%22%3B%20%3F%3E
what makes it safe to be transported in a URL, and after receiving and cleaning it using
strip_tags(rawurldecode($_GET['str']))
it would output something like this, what is a harmless string.
sample code in c# and c++
Currently I am using a hidden form (for reasons decided upon by others, not myself) to act as a link so it can post data with itself. This "link" always opens in the same window, and the general tricks I have tried don't let it open in a new tab instead. This is the current code, any tips?
<tr><td>
<form method="post" action="myPage.php" class="inline">
<input type="hidden" name="submit_parassmHidden" value="extra_submit_value">
<button type="submit" name=".$dataIAmPassingToNextPage." value="submit_value" class="link-button">"
.$linkTitle."</button></form>
</td>";
^Took out the escape slashes to be easier to read, its in PHP, its echo so it shows as regular HTML.
Things like target="_blank" dont seem to be working for me or I am putting them in the wrong place. Anyone have ideas on how I could do this?
EDIT: Since people are saying I can't be doing both, this is what I am doing. It LOOKS like a normal link, there is no form, it IS HIDDEN.
"Ok you're saying 2 different things here. The form is either hidden or you can see the submit link. Both can't be true" <- From comments. Clearly it is true, the form is hidden, and you can see the submit link. However I want these "Links" (which are really buttons in disguise) to open in the new tab.
Unfortunately you have not another option.
target="_blank" or button with formtarget="_blank" in HTML5 (like #CD001 comment) is the solution.
_blank Opens the linked document in a new window or tab depending on the user's browser configuration.
But I saw a little trick here: https://stackoverflow.com/a/15551850/2951051
someone who say to use target="_tab" even if not exist (I dont know if it really work)
<tr><td>
<form method="post" action="http://stackoverflow.com" class="inline" target="_blank">
<input type="hidden" name="input_name" value="extra_submit_value">
<button type="submit" name="form_name" value="submit_value" class="link-button">test</button></form>
</td>
Overview of what my question is:
I have an array that is populated via XML inputs, and from this I am the using it to populate a web form with form controls. From here I want to be able to select the exact form that is clicked, but to do that I need to give the controls some form of unique identifier, which is an issue...
As the site is of a betting nature and I am currently working with horse racing, each horse is given a unique identifier by default, I have tried to add this identifier to the forms.
e.g:
<?php
//Values from feed examples: 123, 234, 345
$valuesFromFeed = array(123, 234, 345); //These are not in my code, they are values from the XML feed
while ($uniqueIdentifier = $valueFromFeed) {
<form name="horse_<?php echo $uniqueIdentifier; ?>_frm" action="#">
<input type="hidden" name="horse_<?php echo $uniqueIdentifier; ?>" />
<input type="button" value="Place bet" />
</form>
}
?>
But then the problem comes when I try to reference this name of "horse_123", I need to know exactly what the value of that name is, which is impossible as there are millions of horses, tracks and races.
Example of trying to get post:
<?php
if (isset($_POST['horse_' . $uniqueIdetifier])) {
echo "You got the right thing here.";
} else {
echo "Still no joy.";
}
?>
The issue with the code above, is that once the $uniqueIdentifier has been used in the while above, it is removed and is no longer usable in this scope.
So to conclude, my point and question:
How do I get the correct name from the form in a submit for the specific horse that I wish to reference and get information on?
How do I use this information as I need to?
Better Description:
I have been given an XML feed and site as part of a handover, this feed contains many hundreds of races and horses.
When this information is loaded into the page, it is also stored in a database on the server, as well as sending it through some different loops (which are messy, but someone else's code I'm trying to clean up!) which split it down and then make up a dynamic menu containing all the races, horses, odds and information. (All information on a single horse within a race is kept in one form)
Next to the information stated in the prior paragraph, is 2 buttons, one that allows the user to take odds and another that allows users to take starting price.
On either of these button clicks, I need the information attached to said horse, and then populate a betting slip. In the form (mentioned above) the name is "horse_<?php echo $uniqueIdentifier; ?>_frm".
The problem that occurs to me is, yes data is stored on the server when it is loaded, that I cannot seem to get the right form via the unique identifier that is put into the form name
Edits
Added form surrounding my input as this is there, I just missed it in original question
Added the button that transmits data to where I need it
Added a better description of my problem
You can use multiple forms, one for each horse. Each form has a different action, where the URL includes the id of the horse. For example:
<form action="/horses/my_unique_horse_name">
...
</form>
<form action="/horses/another_horse_name">
...
</form>
Or you could have multiple forms all with the same action, with a hidden field for the name of the horse:
<form action="/horses/">
<input type="hidden" value="my_unique_horse_name">
</form>
<form action="/horses/">
<input type="hidden" value="another_horse_name">
</form>
Alternatively, you could have a button for each horse:
<form method="/horses/">
<button type="submit" value="my_unique_horse_name">My Horse</button>
<button type="submit" value="another_horse_name">Another Horse</button>
</form>
Beyond that, I don't entirely understand the problem. What kind of data are you submitting and retrieving?
When a form has multiple image inputs and the server side uses their names and/or values to distinguish which one was clicked, it works perfectly in FireFox. However, people often write the whole thing before finding out that HTML specifies that nothing has to be sent, and thus some browsers are not sending it.
It's not about sending any random object, but sending a pair as input_name=input_value. The best worst-case scenario example here would be what I've encountered: A list of elements all in one form and all accompanied by buttons with name="delete" value="<item_id>"
What can I do to fix this problem?
Per the HTML spec, clicking on an IMAGE input will return the parameters:
name.x=x-value and name.y=y-value where "name" is the value of the name attribute
with x-value and y-value corresponding to the click position.
Sure, the server code to deal with this will be a little annoying, but you could just check all the query parameter keys with a regular expression:
/^(.*)\.[xy]$/
to search for the IMAGE input keys to determine which IMAGE was clicked.
I tried with this sample:
<form action="#" method="GET">
<input type="text" name="t" value="Text here"><br>
<input type="image" name="a" value="1" src="http://sstatic.net/so/img/logo.png"><br>
<input type="image" name="b" value="2" src="http://www.gravatar.com/avatar/c541838c5795886fd1b264330b305a1d?s=32&d=identicon&r=PG"><br>
</form>
And I get the following urls:
FF 3.6: x.html?t=Text+here&b.x=19&b.y=17&b=2#
IE 8: x.html?t=Text+here&b.x=22&b.y=18
IE 7: x.html?t=Text+here&a.x=185&a.y=51
Opera 10: x.html?t=Text+here&a.x=107&a.y=53#
Chrome: x.html?t=Text+here&b.x=20&b.y=17&b=2#
So it seems that all the browsers are sending something image related, even if it isn't the image name directly. Since you need to scan for all the image names that you expect to see you can just scan for imagename.x instead. This seems to be how the spec indicates it should work.
The problem was half solved up to now: like here
But it didn't allow to get the value!
The correct answer is:
$('input[type=image]')
.unbind('mousedown')
.mousedown(function(){
$(this).after('<input type="hidden" name="'+$(this).attr('name')+'" value="'+$(this).attr('value')+'" />');
});
This code creates a hidden duplicate of the input when user starts clicking it. The unbind('mousedown') is to secure it happens once even if You put the code in multiple places in a weird application and it might be called more than once.
I recommend putting it in $(document).ready();
I think I am/was having a similar problem. I wanted to click on an thumbnail and have it enlarged on a different page. I was trying to do this with PHP alone but I finally had to use the tag with the . Worked great for FF3 and safari but the INPUT IMAGE values did not post for IE9 or FF9.
My work around was to put each image in its own form and then also use a hidden input to send the needed data.
<table>
<tr>
<td>
<form method="post" class="form_photo">
<input type="image" name="img_photo" value="does nothing in IE9 or FF9" />
<input type="hidden" name="photo" value="nameoftheimage.jpg" />
</form>
<form method="post" class="form_photo">
<input ...>
<input ...>
</form>
<form> ...
</td>
</tr>
Then I discovered the forms displayed vertical, making it very odd. CSS to the rescue.
.form_photo { display:inline; }
seems to have solved the vertical problem. Now the user can click on the thumbnail and the value now passes in all the browsers I have access to testing.
Using the type="image" is problematic because the ability to pass a value is disabled for some stupid lack of reason. Anyways & although it's not as customizable & thus as pretty, you can still use you images so long as they are part of a type="button".
<button type="submit" name="someName" value="someValue"><img src="someImage.png" alt="SomeAlternateText"></button>
how can i pass parameters from an html page(map.html) to a php(createxml.php) without having to open the php page? Im incorporating googlemaps in html page(map.html) so i want the users to enter data on a form on the html page which will be sent to php(createxml.php) which in turn will connect to mySQL DB and create an xml format of the response the html page uses this xml output to create positions on the map since it contains longitude and latitude.
I have used the following code in the heading of the php page(createxml), but it shows the contents of php file for a brief moment redirecting me to map.html
Thanks for your time, i can post all the code if needed.
<meta http-equiv="refresh" content="0;url=http://localhost/map.html/">
It's quite simple with AJAX, using jQuery you don't have to know much about it :)
So simply import the latest jQuery Library.
Then you have your form:
<form id="my_form">
<input type="text" name="param1" />
<input type="text" name="param2" />
<input type="hidden" name="action" value="do_stuff" />
<input type="submit" value="Submit" />
</form>
and somewhere beneath that, you just paste this tiny javascript-function, which handles the submit of the form:
<script>
$('#my_form').submit(function(){
var post_params = $('#my_form').serialize();
$('#waiting').show();
$.post('the_page_you_are_on.php', post_params, function(data) {
$('#waiting').hide();
return false;
})
});
</script>
(The element (div, p...) with the id "waiting" could e.g. contain one of those fancy ajax loading images, but is not neccessary! :) If you want one to be shown, find one via google, set it as the background image of the #waiting-element and set its display to none (CSS)).
The function itself just calls the page you're on and then you've got the form variables in your post-array, so the top of your page could look something like this:
<?php
if(isset($_POST['action'])) {
switch($_POST['action']) {
case 'do_stuff' :
$param1 = $_POST['param1'];
$param2 = $_POST['param2'];
//do some DB-stuff etc.
break;
}
}
?>
I hope that helps!
It's a terrible idea, but because you don't want to use AJAX you could put the PHP in a frame and reload just that portion. Again, awful idea, but the closest you're going to get without using AJAX.
On a useful note though, AJAX is literally just one function in javascript. It's not hard at all to learn.
If you are just trying to pass parameters to a PHP page from the web browser, there are other ways to do it beyond 'Ajax'. Take a look at this page and view the source code (be sure to view the source of the included javascript file: http://hazlo.co/showlist.php?s=chrome&i=4e289d078b0f76b750000627&n=TODO
It uses an extremely basic method of changing the src of an image element, but passes information to the web server (PHP page) in the querystring of the image request. In this example I actually care about the results, which are represented as an image, but it sounds like you are just trying to pass data to the server, so you can return a 1 pixel image if you like. BTW, don't be fooled by the URL that is being used, a server rule is telling apache to process a specific PHP file when check it,GIF is requested.
You should play with it and use firebug or chrome's built in debugger to watch the requests that are being sent to the server.
You can't get any results from a PHP-script if you don't request it and process the output. If you dont't want to leave the current page, you have to use AJAX!
"but it shows the contents of php file for a brief moment" The reason is, that your browser first needs to load the entire page, then start the META-redirect. You don't need a redirect to load data from the server, but if you really want to, you should HTTP-headers for redirect.
Ok guys after hours of headache i finally found the solution! Basically i called my xmlproduce.php from inside my map.html, lemme explain so maybe will help others:
maps.html contained a googlmap API Javascript function which called my createxml.php called second.php
GDownloadUrl("second.php", function(data) )
what i did was i tweaked this call to second.php by adding some parameters in the URL like:
GDownloadUrl("second.php?strt="+ysdate+"/"+msdate+"/"+dsdate+"&end="+yedate+" /"+medate+"/"+dedate+"&id="+ide, function(data)
which is sending the parameters needed by second.php, so after that i made a small html form which called the script of googlemap api on the same file(map.html) to pass the parameters from the form to the GDownloadUrl i mentioned above, the code of the form is :
form method="get" action="">
IMEI: <input type="text" id="id" name="id" size="25" /> <br />
Start Date: <input type="text" id="ysdate" name="ysdate" size="4" value="2000" /> <input type="text" id="msdate" name="ysdate" size="1" /> <input type="text" id="dsdate" name="dsdate" size="1" /> <br/>
End Date: <input type="text" id="yedate" name="yedate" size="4" /> <input type="text" id="medate" name="ysdate" size="1" /> <input type="text" id="dedate" name="dedate" size="1" /> <br/>
<input type="button" value="submit" onClick="load()" />
</form>
afterwards i put extra constraints on the form for the values allowed.
Thanks everybody for the help, and you can always ask if somebody needs some clarification.